CVE-2025-44614

HIGH

Tinxy Wifi Lock Controller V1 RF Firmware - Cleartext Storage

Title source: rule
STIX 2.1

Description

Tinxy WiFi Lock Controller v1 RF was discovered to store users' sensitive information, including credentials and mobile phone numbers, in plaintext.

References (1)

Scores

CVSS v3 7.5
EPSS 0.0017
EPSS Percentile 37.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-312
Status published
Products (1)
tinxy/wifi_lock_controller_v1_rf_firmware
Published May 30, 2025
Tracked Since Feb 18, 2026